The European Commission has, under the H2020 Program, brought together specialist expertise to form four pilot projects with the objective of connecting and sharing knowledge across multiple domains to develop a common cybersecurity strategy for Europe. ECHO (the European network of Cybersecurity centres and competence Hub for innovation and Operations) is one of these four projects. The ECHO consortium consists of 30 partners from different fields and sectors including health, transport, manufacturing, ICT, education, research, telecom, energy, space, healthcare, defence & civil protection.
The main objective of ECHO is to strengthen the proactive cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector and multi-domain collaboration. The project will develop a European Cybersecurity ecosystem, to support secure cooperation and development of the European market, as well as to protect the citizens of the European Union against cyber threats and incidents.
Main ECHO concepts:
- ECHO Governance Model: Management of direction and engagement of partners (current and future)
- ECHO Multi-sector assessment framework: Transverse and inter-sector needs assessment and technology R&D roadmaps
- ECHO Cyber skills Framework and training curriculum: Cyber skills reference model and associated curriculum
- ECHO Security Certification Scheme: Development of sector specific security certification needs within EU Cybersecurity Certification Framework from ENISA
- ECHO Federated Cyber Range: Advanced cyber simulation environment supporting training, R&D and certification
- ECHO Early Warning System: Secured collaborative information sharing of cyber-relevant information
ECHO will develop sector-specific and inter-sector demonstration cases for improving security measures within and among organizations. The testing and validation of innovative technologies, operational and decision-making processes enables the identification, specification and development of inter-sector challenges and opportunities. Enabling the definition and development of relevant inter-sector technology roadmaps.
The ECHO governance model will define the effective operational management of the future ECHO Group which shall consist of a network of cybersecurity competence centres and demonstrate an efficient ECHO Cybersecurity certification scheme.
The following operational systems and assets will also be delivered:
- The ECHO Early Warning System (E-EWS) – provides a mechanism for partners to share incidents, trends and other relevant cybersecurity data to trusted partners within the network of cybersecurity competence centres;
- The ECHO Federated Cyber Range (E-FCR) – provides realistic environments for conducting experimentation, exercises, research and prototype testing, enables the combination of multiple scenarios from different content providers, and a focus point for training and expertise.
ECHO intends to raise awareness of the need for cybersecurity amongst EU citizens and better-inform them of potential threats and best practises. The project will also provide innovative solutions to Governmental cyber issues, aid detection of cyberattacks, better combat them and improve response times in order to reduce their impact and ensure the safety of democratic decision-making. Industry will be educated on why and how to protect themselves and their customers against potential loss of data or money, helping to consolidate their reputation and position in the market.
The main challenge faced by ECHO is to create a stable, effective, shared and durable network composed of governments, organizations and companies in order to pool the collective cybersecurity skills, resources and knowledge within the European territory. Therefore, the visionary aim of ECHO is anchored on the project’s name itself: to establish a strong and resounding sustainable network of cybersecurity centres and competence for innovation within European Union, which will facilitate the sharing of knowledge, threats and cyber incidents for improving cybersecurity solutions, raise awareness of security and protection methods and establish best practices to reduce risk exposure.
- ECHO targets practical use of outcomes to offer technologies and services having increased cyber-resilience by sector and among inter-dependent partners
- Use of the ECHO Federation of Cyber Ranges (E-FCR) for experimental simulation of cyberattack scenarios, pre-production testing, product evaluations
- Combined use of the ECHO Federation of Cyber Ranges (E-FCR) and E-Cybersecurity Certification Scheme (E-CCS) for certified qualification testing of potential technologies required to meet customer specification
- Use of ECHO Cybersecurity Certification Scheme (E-CCS) as benchmark of cybersecurity certification to be obtained as a market differentiator
- Use of the ECHO Early Warning System (E-EWS) to share early warning of cybersecurity related issues (e.g., vulnerabilities, malware and trends, etc…)
- Promotion of improved cyber skills through leveraging diverse education and training options made available by the E-Cybersecurity Skills Framework, particularly as it relates to security-by-design best practices.